To print: Click here or Select File and then Print from your browser's menu

This story was printed from silicon.com, located at http://www.silicon.com/

Story URL: http://software.silicon.com/malware/0,3800003100,39150478,00.htm

Symantec website under DDoS attack
Hackers send message to the antivirus company...

By Dan Ilett

Published: Monday 18 July 2005

An email worm is recruiting computers for a coordinated attack on antivirus vendor Symantec's website.

Since Friday, email filtering vendor MessageLabs has intercepted 13,717 copies of the worm, dubbed Breatel.A-mm, and has issued a medium-level warning.

The worm travels as an email attachment, under the subject lines: "Message could not be delivered", "Error", or "Mail Delivery System".

If the attached file is opened, the computer connects to a botnet — a network of thousands of hacker-controlled computers used for illegal activity – and begins to send data to the Symantec website in the hope of crashing it.

According to antivirus company F-Secure, the worm attachment contains a message to Symantec that says: "easy to talk but hard to work :)  what about working in symantec? :P  it is not only a mass mail worm it is also a lsass worm :)"

A Symantec spokesman said that the company's infrastructure was built to withstand such attacks.

The first copy of the worm was sent from Northern Ireland, MessageLabs said.